Hi David, Thanks for quick reply. If I will configure CAS client with "gateway" mode for app2 and if user directly visit app2(without logged-in in app1) and try to visit secure page at that time also user will not be prompt for credential and we need it.
correct me if I am wrong. Thanks and Regards, Rohit Kotecha From: Ohsie, David [mailto:[email protected]] Sent: Thursday, July 11, 2013 9:27 PM To: [email protected] Subject: RE:[cas-user] How to retrieve CAS SSO information on non-secure page Put a cas client in front of app2, ideally at an https served URL. This will run the usual CAS protocol to get app2 an ST which the CAS client will then validate to get the logged in user. If you don't want the user to be prompted for a password, but to only ask CAS if a user is already logged in, then configure your CAS client to run in "gateway" mode. David Ohsie Software Architect EMC Corporation From: Rohit Kotecha [mailto:[email protected]] Sent: Thursday, July 11, 2013 11:42 AM To: [email protected]<mailto:[email protected]> Subject: [cas-user] How to retrieve CAS SSO information on non-secure page Hi Team, I have two application say app1 and app2 and both integrated with CAS. user is logged-in app1 and open app2 in other tab. Now landing page of app2 is non-secure and because of some business requirement I want to get user information who logged-in in app1 on client side(jsp page) or application in server side? is there any way to achieve above? such api or method to fire to CAS server and get information like user is loggedin. Thanks and Regards, Rohit Kotecha -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -**************Nihilent*************** " *** All information contained in this communication is confidential, proprietary, privileged and is intended for the addressees only. If youhave received this E-mail in error please notify mail administrator by telephone on +91-20-39846100 or E-mail the sender by replying to this message, and then delete this E-mail and other copies of it from your computer system. Any unauthorized dissemination,publication, transfer or use of the contents of this communication, with or without modifications is punishable under the relevant law. Nihilent has scanned this mail with current virus checking technologies. However, Nihilent makes no representations or warranties to the effect that this communication is virus-free. Nihilent reserves the right to monitor all E-mail communications through its Corporate Network. *** " *************************************************************************- -**************Nihilent*************** " *** All information contained in this communication is confidential, proprietary, privileged and is intended for the addressees only. If youhave received this E-mail in error please notify mail administrator by telephone on +91-20-39846100 or E-mail the sender by replying to this message, and then delete this E-mail and other copies of it from your computer system. Any unauthorized dissemination,publication, transfer or use of the contents of this communication, with or without modifications is punishable under the relevant law. Nihilent has scanned this mail with current virus checking technologies. However, Nihilent makes no representations or warranties to the effect that this communication is virus-free. Nihilent reserves the right to monitor all E-mail communications through its Corporate Network. *** " *************************************************************************- -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
